15 matches found

Vulnrichment
added 2026/05/11 6:32 p.m., 8 views

CVE-2026-42870 WeGIA: Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao'

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting (XSS) flaw was identified at the following endpoint: funcionario/profilefuncionario.php?idfuncionario=2. By injecting a malicious payload into the 'Description' (Descrição) field and saving t...

CVSS 6.4 | AI score 5.8 | EPSS 0.00281
Exploits: 0 | References: 1

RedhatCVE
added 2025/10/14 9:49 p.m., 12 views

CVE-2025-62177

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to...

CVSS 8.8 | AI score 8.2 | EPSS 0.0048
Exploits: 1 | References: 1

NVD
added 2025/10/13 10:15 p.m., 4 views

CVE-2025-62177

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to...

CVSS 8.8 | EPSS 0.0048
Exploits: 1 | References: 2

EUVD
added 2025/10/13 9:9 p.m., 5 views

EUVD-2025-34109

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to...

CVSS 8.6 | AI score 7.7 | EPSS 0.0048
Exploits: 1 | References: 2

Cvelist
added 2025/10/13 9:9 p.m., 14 views

CVE-2025-62177 WeGIA vulnerable to SQL Injection via 'id_funcionario' param at endpoint `/html/funcionario/dependente_listar.php`

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to...

CVSS 8.6 | EPSS 0.0048
Exploits: 1 | References: 2

CVE
added 2025/10/13 9:9 p.m., 18 views

CVE-2025-62177

WeGIA (open source Web Manager for Institutions) versions prior to 3.5.1 are affected by a SQL Injection in the endpoint /html/funcionario/dependente_listar.php via the id_funcionario parameter. The vulnerability could allow attackers to execute arbitrary SQL commands, threatening confidentiality...

CVSS 8.8 | AI score 7.8 | EPSS 0.0048
Exploits: 1 | References: 2 | Affected Software: 1

Positive Technologies
added 2025/10/13 12:0 a.m., 5 views

PT-2025-41815

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.5.1 Description: WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/dependente_listar.php API endpoint, specifically through the id_funcionario parameter. Successful...

CVSS 8.6 | AI score 8 | EPSS 0.0048
Exploits: 1 | References: 7

CNNVD
added 2025/08/21 12:0 a.m., 2 views

WeGIA Security Vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.4.10, which stems from an SQL injection in the id_funcionario parameter in the /html/funcionario/dependente_remover.php endpoint, which could lea...

CVSS 9.4 | AI score 7.5 | EPSS 0.00393
Exploits: 1 | References: 3

Positive Technologies
added 2025/08/21 12:0 a.m., 9 views

PT-2025-34248 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.10 Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability exists in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This...

CVSS 9.4 | AI score 7.9 | EPSS 0.00393
Exploits: 1 | References: 10

CNVD
added 2025/07/11 12:0 a.m., 2 views

WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17288)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the idfuncionario parameter in the cadastrodependentepessoanova.php endpoint, for which no detailed...

CVSS 6.1 | AI score 6.3 | EPSS 0.00238
Exploits: 1 | References: 1

CNNVD
added 2025/07/07 12:0 a.m., 3 views

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

CVSS 9.8 | AI score 8 | EPSS 0.00488
Exploits: 1 | References: 3

CNNVD
added 2025/07/07 12:0 a.m., 3 views

WeGIA Cross-Site Scripting Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the idfuncionario parameter in the cadastrodependentepessoanova.php endpoint, for which no detailed...

CVSS 6.1 | AI score 6 | EPSS 0.00238
Exploits: 1 | References: 3

CNVD
added 2025/04/03 12:0 a.m., 3 views

WeGIA SQL Injection Vulnerability (CNVD-2025-22279)

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

CVSS 10 | AI score 8.3 | EPSS 0.00605
Exploits: 1 | References: 1

CNNVD
added 2025/03/27 12:0 a.m., 3 views

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

CVSS 10 | AI score 8.2 | EPSS 0.00605
Exploits: 1 | References: 2

CNNVD
added 2025/01/17 12:0 a.m., 3 views

WeGIA Security Vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.0, which stems from vulnerability to SQL injection attacks on the idfuncionario parameter in /funcionario/remuneracao.php...

CVSS 9.8 | AI score 7.7 | EPSS 0.00596
Exploits: 1 | References: 3